We’re supporting a global engineering organisation looking for a Contract Application Security specialist to help embed secure development practices across their software and related hardware products. This is likely to be a minimum of 6 months (outside IR35) with further extensions a strong likelihood.
You’ll work closely with engineers and leadership to drive secure SDLC and threat modelling, assess vulnerabilities, and support alignment with the EU Cyber Resilience Act.
Key experience:
* Product Security / Application Security
* Strong understanding of software development environments
* Familiarity with threat modelling and vulnerability assessments
* Secure coding principles / OWASP
* Ability to engage with software teams and speak their language
* Relevant backgrounds may include AppSec, Product Security, Ethical Hacking/Offensive Security, DevSecOps, Secure SDLC, Penetration Testing.
* Experience with electronics, hardware or robotics would be useful but not essential.
This role does require a couple of days in the Gloucestershire office, so we recommend that only relatively local candidates apply.